Re: libssl 1.0.1 breaking program

On 26 June 2013 18:44, Viktor Dukhovni openssl-us...@dukhovni.org wrote: On Wed, Jun 26, 2013 at 05:29:52PM +0200, Marios Makassikis wrote: By enabling debug information in the program, I was able to obtain these error messages: pppd[2236]: EAP-TLS SSL error stack: pppd[2236]:

Re: libssl 1.0.1 breaking program

On Thu, Jul 25, 2013, Marios Makassikis wrote: On 26 June 2013 18:44, Viktor Dukhovni openssl-us...@dukhovni.org wrote: On Wed, Jun 26, 2013 at 05:29:52PM +0200, Marios Makassikis wrote: By enabling debug information in the program, I was able to obtain these error messages:

Re: libssl 1.0.1 breaking program

On Thu, Jul 25, 2013 at 07:08:30PM +0200, Dr. Stephen Henson wrote: openssl verify -CAfile root.pem -untrusted allcerts.pem ee.pem where allcerts.pem is the complete peer chain and ee.pem is the peer certificate. I'd be interested to see what that commands produces for different version. If

Re: libssl 1.0.1 breaking program

On Thu, Jul 25, 2013, Viktor Dukhovni wrote: On Thu, Jul 25, 2013 at 07:08:30PM +0200, Dr. Stephen Henson wrote: openssl verify -CAfile root.pem -untrusted allcerts.pem ee.pem where allcerts.pem is the complete peer chain and ee.pem is the peer certificate. I'd be interested to see

RE: libssl 1.0.1 breaking program

From: owner-openssl-us...@openssl.org On Behalf Of Marios Makassikis Sent: Thursday, 25 July, 2013 11:56 To: openssl-users@openssl.org Subject: Re: libssl 1.0.1 breaking program On 26 June 2013 18:44, Viktor Dukhovni openssl-us...@dukhovni.org wrote: On Wed, Jun 26, 2013 at 05:29:52PM

CORR: libssl 1.0.1 breaking program

From: owner-openssl-us...@openssl.org On Behalf Of Dave Thompson Sent: Thursday, 25 July, 2013 21:32 From: owner-openssl-us...@openssl.org On Behalf Of Marios Makassikis Sent: Thursday, 25 July, 2013 11:56 Aargh. Sorry, I read this wrong: In both cases, only the server validates the

libssl 1.0.1 breaking program

Hello list, I need to compile a version of PPP that supports EAP-TLS authentication protocol. Fortunately there is a a patch that accomplishes exactly this [1]. I have built the package using the default libssl-dev package provided by my operating system (Debian Wheezy/7.0). Specifically, it is

Re: libssl 1.0.1 breaking program

On Wed, Jun 26, 2013 at 02:57:15PM +0200, Marios Makassikis wrote: By enabling debug information in the program, I was able to obtain these error messages: pppd[2236]: EAP-TLS SSL error stack: pppd[2236]: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib and

Re: libssl 1.0.1 breaking program

Hello, On 26 June 2013 16:41, Viktor Dukhovni openssl-us...@dukhovni.org wrote: On Wed, Jun 26, 2013 at 02:57:15PM +0200, Marios Makassikis wrote: By enabling debug information in the program, I was able to obtain these error messages: pppd[2236]: EAP-TLS SSL error stack:

Re: libssl 1.0.1 breaking program

On Wed, Jun 26, 2013 at 05:29:52PM +0200, Marios Makassikis wrote: By enabling debug information in the program, I was able to obtain these error messages: pppd[2236]: EAP-TLS SSL error stack: pppd[2236]: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib and